Steve’s practice is in the areas of non-contentious and contentious Data Protection, Information Technology, Intellectual Property, Cybersecurity, Communications and Digital Media / Entertainment law. He has been recognised as a leading lawyer for media and telecommunications in the PLC Cross-border Media and Communications Handbook 2009/10; and for TMT (Technology, Media and Telecommunications) work in The Legal 500 Asia Pacific 2010 to 2019; AsiaLaw Profiles 2011 to 2019; and Chambers Asia Pacific 2013 to 2019. Steve is part of the firm’s TMT team that is ranked as Tier 1 in The Legal 500 Asia Pacific 2010 to 2019, AsiaLaw Profiles 2011 to 2019, and Chambers Asia Pacific 2013 to 2019. Steve is also cited as a leading lawyer for Technology law, Media law and/or Information Technology law in Best Lawyers 2013 to 2019, in The International Who’s Who of Telecoms and Media Lawyers 2014 to 2019 and in Who’s Who Legal: Data 2019 for Telecoms & Media, Data Security, and Data Privacy & Protection. Steve is recognised as a leading lawyer for IT & Telecoms in Asia IP Experts 2018.

Steve won Corporate Live Wire Legal Awards 2015 ‘Communication Lawyer of the Year’. Steve further won Corporate Insider Business Excellence Award 2019 ‘Communication Lawyer of the Year – Singapore’. Steve achieved “In-House Community External Counsel of the Year, 2018” in the In-House Community resource where he is cited as “a fast, value-adding, effective counsel”. Steve is cited as “one of the best in the field of personal data protection” in The Legal 500 Asia Pacific 2017. In Chambers Asia Pacific 2019, Steve receives praise from a client who characterises him as a "truly dedicated and passionate TMT lawyer. His knowledge in data protection laws and understanding of policymaking are key. His wealth of experience in this area of law gives me the confidence that I have been advised by one of the best in class.”

Steve is at the forefront of data privacy law work and developments in Singapore as well as in Asian regional countries. His leadership in data privacy work has resulted in Steve being frequently invited to share his insights on IT/IP/data protection/Entertainment law and developments, at speaking engagements around the world such as Europe, USA including Singapore. As a further indicator of his passion and ingenuity for data privacy law, Steve conceived an inaugural three days international data privacy conference (sited in Asia but with international reach) called ‘Data Privacy Asia’ which was held in August 2015 in Singapore and featured speakers from around the world. Steve continues to be involved in the subsequent runs of Data Privacy Asia. Steve has advised and assisted multiple organisations on compliance with Singapore’s new personal data protection law, which fully came into force on 2 July 2014. They include organisations from the banking/financial, insurance, property, health & wellness, retail, education, logistics, IT etc sectors. Steve has assisted many organisations with investigations by the Personal Data Protection Commission (Singapore’s Regulator for personal data protection).

Steve’s work in personal data protection law and data/cyber security in Singapore is a first/leader for various service offerings one of which is a new data/cyber breach service that Steve has conceived and launched. This new data/cyber breach service features a unique one-stop-shop service to assist organisations to effectively handle data/cyber breaches. Clients will enjoy the benefit of the legal expertise provided by Steve and the technical/forensic expertise of a technical security specialist that the firm has teamed up with. This new data/cyber breach service will provide organisations with a holistic solution designed to assist in preventing data/cyber breaches and/or in effectively responding to a data/cyber breach. These include an assessment of data breach readiness, data breach preparedness activities, data breach incident response.

Steve has also conceived and launched a new externalised data protection officer service whereby organisations can outsource the mandatory data protection officer role to the firm. This is especially useful for organisations which have difficulties in appointing a data protection officer or finding someone with the requisite expertise to take on that role.

Steve’s leadership in the area of data protection is shown by his being invited to be the author of the following chapters in the following publications: (a) Steve is the author of a chapter in the 2nd edition of the authoritative book ‘Data Protection Law in Singapore – Privacy and Sovereignty in an Interconnected World’ published in 2018 by the Singapore Academy of Law on the topic ‘Data Protection and New Technologies’ (b) Steve is also the co-author of a chapter in the Personal Data Protection Commission’s yearly publication ‘Personal Data Protection Digest’ on the topic ‘Personal Data Protection Commission’s Enforcement Decisions in 2017: Some Lessons to be Learnt’.

Most recently, Steve accepted an invitation from National University of Singapore to be an Adjunct Professor to teach a new law course on Privacy and Data Protection at the University’s Law School, starting August 2019. This is a testament to Steve’s recognition as a leading lawyer in this field.

Steve co-founded Rajah & Tann Technologies Pte Ltd, a company that, among various services, specialises in providing technical services to organisations to prevent data breaches as well as technical incident responses services to deal with data breaches. Further details at https://www.rttechlaw.com/

Experience

Steve has advised extensively on a broad spectrum of technology, data protection/privacy, cybersecurity, IP and digital media related matters. His clients include those from the IT, film and/or computer game industries, to name a few.

Steve’s insights and experience are heightened by his combined exposure as a practising lawyer and as in-house counsel in commercial companies. In terms of his in-house experience Steve was legal counsel in Fraser & Neave. He was later head-hunted as sole legal counsel for a Singapore Technologies company with businesses in IT and digital media, and subsequently headed the legal team.

Steve is very much involved in intellectual property and information technology related work, having dealt with a broad spectrum of non-contentious work dealing with IT outsourcing, IT tenders, software development & ASP related arrangements, software licensing, music licensing, trademark registration, to name a few, as well as contentious work such as complex IT disputes involving software development to intellectual property infringement (he has participated in raids on and prosecuted copyright infringers).

Steve is equally engaged in digital media / entertainment related work. Steve is one of only a handful of local lawyers involved in such work. He has advised clients on animated film/TV productions, such as ‘Ten Commandments’ and the ‘Future is Wild’, and on other feature film productions. His advice has been sought on reality TV series productions, co-production and investment agreements in film production, film financing, production and/or distribution. He has also provided clients with advice on computer game development, publishing and/or distribution deals, whether for the mobile, PC, handheld or online platforms or otherwise.

With the introduction of personal data protection law in Singapore, Steve has been very much involved with clients in assisting them in dealing with personal data protection related issues, compliance work and investigations by the Regulator.

To assist organisations in dealing with the challenges of a digital economy where the key asset for organisations is data in digital form, Steve has been assisting organisations on cybersecurity matters including conducting bespoke cyber/data breach simulation exercises, consulting on the set up of data breach response teams within organisations, to name a few.

Steve has travelled and / or been involved in various transnational transactions/matters with countries such as Kazakhstan, Australia, USA, Vietnam, Indonesia, Malaysia, People’s Republic of China, New Zealand, Canada, UK, and Nigeria.

Advised and carried out a full suite of compliance activities for banks to deal with Singapore personal data protection law.

Advised and carried out a full suite of compliance activities for a listed leading healthcare company, with outlets in multiple jurisdictions, on compliance with Singapore personal data protection law.

Advised and carried out a full suite of compliance activities for a significant corporate group with businesses in recreation and food and beverage, on compliance with Singapore personal data protection law.

Advised and carried out a full suite of compliance activities for the Singapore subsidiary of a global leading supply chain management group on compliance with Singapore personal data protection law.

Advised and carried out Singapore personal data protection law compliance activities for a Singapore subsidiary of a global nutrition company.

Advised the Singapore subsidiary of a global footwear company on various personal data protection related issues.

Advised a bank with corporate and retail arms, on Singapore personal data protection law and certain documentation related thereto.

Advised a leading global organisation in the consumer products space on compliance with data protection law across 8 Asian countries.

Personally appointed as Data Protection Officer for organisations.

Advising clients with respect to Singapore’s Data Privacy Regulator

Assisted a global conglomerate with regard to investigations by Singapore’s Personal Data Protection Commission on alleged breach of Singapore’s data protection law for which a positive result was obtained.

Advised a financial institution on dealing with investigations by Singapore’s Personal Data Protection Commission including assisting on submissions and defending the investigations.

Advised a significant organisation in the F&B industry on investigations by Singapore’s Personal Data Protection Commission for which a positive result was obtained.

Assisted a global organisation to file a submission to Singapore’s Personal Data Protection Commission for clarification on a point of law in Singapore’s data protection law for which the objective was achieved.

Assisted an organisation that is part of a global group in the health products/health care industry on investigations by Singapore’s Personal Data Protection Commission for which a positive result was obtained.

Assisted an organisation that is part of a global group in the consumer products space on investigations by Singapore’s Personal Data Protection Commission for which a positive result was obtained.

Advised an organisation with regard to a potential data breach incident and on whether to notify the incident to the Personal Data Protection Commission.

Assisted a leading FCMG organisation with regard to investigations by Singapore’s Personal Data Protection Commission on alleged breach of Singapore’s data protection law.

Assisted a leading organisation with significant volume of individuals’ data with regard to investigations by Singapore’s Personal Data Protection Commission on alleged breach of Singapore’s data protection law.

Cybersecurity, Data Breach Readiness, Data Breach Response

Conducted cyberbreach simulation exercise for participation by the management of a reputable organisation.

Advised a leading organisation on managing a data breach including notification requirements and conducting monitoring of the Dark Web and public Internet for possible traces of exfiltrated personal data.

Advised a leading organisation on handling a data breach, dealing with enquiries after notification, dealing with investigations by Singapore’s Personal Data Protection Commission.

Advised a potential acquirer of an e-commerce company on the implications of a data breach that had occurred for the e-commerce company.

Advised a global retail company on a data breach incident that occurred impacting several countries and analysis on whether there was a need to make notifications to the relevant data protection authorities and data subjects under the laws of those countries.

Advised a leading investment company on data breach readiness including preparation of a data breach management plan.

Advised a foreign multi-national conglomerate with subsidiaries in a multitude of end markets throughout the world on outsourcing of IT services.

Prepared for a foreign financial institution template outsourcing services agreement that the organisation may use in engaging service providers.

Acted for IDA International and the International Finance Corporation (a division under the World Bank) to develop and/or review Bangladesh’s digital signature regulatory framework.

Acted for Singapore Technologies Electronics Limited together with other colleagues from the Corporate & Capital Markets Practice, being a wholly owned subsidiary of Singapore Technologies Engineering Ltd, which is listed on the Main Board of the SGX-ST, in its S$162.8 million acquisition of shares in Nera Telecommunications Limited, also listed on the Main Board of the SGX-ST, pursuant to a privatization and delisting scheme of arrangement under Section 210 of the Companies Act (Cap 50).

Advised financial institution(s)/corporation(s) on the admissibility and legal recognition of electronic records.

Advised a major global bank on legal issues relating to and the feasibility of its intended e-commerce business offering.

Advised on and drafted the agreement(s) for an IT project for a global MNC headquartered in France, to be entered into with a PRC company.

Advised various international clients on data protection and privacy laws in Singapore.

Acted for and advised banks and other financial institutions including funds/investment/brokerage company(ies) on various information technology and/or intellectual property related matters/projects.

Advised a leading bank on electronic contracting, financial instruments and customer authentication issues arising from the implementation of a new technology platform.

Advised a company headquartered in Japan on virtual payment and other legal issues arising from the implementation of its eCommerce offering.

Advised a software vendor on its intended contractual relationship with a bank relating to a software trading system.

Advised on and drafted the agreements for an IT project for a large scale listed Singapore company, to be entered into with a French company.

Advised a public listed company on its e-commerce portal service offering and various legal issues relating thereto.

Advised a public listed company on the validity and admissibility of emails under the Electronic Transactions Act in relation to its new business offering.

Advised a prominent global company in the insurance industry on its IT related contract(s).

Drafted and negotiated various IT and project related agreements for a large scale Singapore listed company’s IT project in Kazakhstan.

Advising clients on import and other legal issues relating to a point‐of‐sale system which it intends to market in Singapore.

Advised a foreign broadcasting company on Singapore media content and broadcasting laws.

Advised a significant foreign pay tv, cable and media broadcasting company on Singapore broadcasting laws in Singapore and the setting up of business in Singapore.

Acted for a Film production/investment company in various deals including film rights buyback, investment (media fund).

Advised the producers of a Hollywood action blockbuster sequel.

Advised an international film group on the setting up of a multi-million dollar film fund in Singapore.

Drafted, reviewed and negotiated various digital media related agreements such as co-production agreements, investment agreements and related agreements for ST Electronics (Training & Simulation Systems) Pte Ltd’s digital media business including the Ten Commandments animated movie. The Ten Commandments was screened in more than 500 cinemas in the USA in October 2007 and opened theatrically in Singapore on 6 December 2007.

Advising a foreign education institution in the digital media industry on setting up a school in Singapore.

Acted for AIPRO (the Association of Independent Television Production Companies (Singapore)) in an industry related deal.

Instrumental in arranging for the firm to be the appointed law firm for Asia Factual Forum 2007 (a forum bringing together various key TV/production factual programming players).

Acted for a significant computer games company in Singapore on its various game publishing/distribution deals, game development deals for various platforms including PC, mobile, Nintendo DS, online; and advising the same on strategies relating to registration of trademarks including for the games developed.

Acted in various operational deals for a regional computer game company.

Acted for a foreign Bank in arbitration proceedings in Singapore against a foreign software developer in a dispute arising out of a software development and implementation contract for a core banking application software.

Acted for a major global US financial entity against a software company relating to a dispute arising from a software licence agreement.

Acted for a foreign telecommunications company in court proceedings in Singapore against a company and an individual for internet / email defamation.

Acted for one of the largest local distributors of movie video compact discs in a variety of matters relating to intellectual property issues – commencing criminal prosecution, applying for search warrants, commencing civil proceedings.

Assisted a well-known organisation in starting an e-commerce shopping business in Singapore including advice on trade and import laws and consumer laws relating to different categories of products, such as telecommunications equipment, cosmetics, food products etc.

Memberships/Directorships

Member, Law Society of Singapore

Member, Singapore Academy Of Law

Member, IAPP (International Association of Privacy Professionals)

Member, International Technology Law Association (ITechLaw)

Publications

New Venture

Co-founder and Director of Rajah & Tann Technologies Pte Ltd, a company established in January 2018, that provides a suite of much needed multi-disciplinary services to assist organisations to embrace and navigate the digital economy including cybersecurity, data breach readiness and response services, e-discovery, virtual law academy, legaltech and regtech.

Presentations/Speaking Engagements/TV Interviews

‘New Media: Knowing the Legal and Ethical Issues’ – presentation to the National Library Board for its seminar on New Media Literacy, 27 June 2007.

Presentation on topic ‘Doing Business Online to Advertise or Sell’ – speaker at seminar organised by Ahrals Centre for Business Forums, 6 September 2007.

‘Intellectual Property Rights & Film Production’ – presentation to the Association of Independent Television Production Companies (Singapore), 19 September 2007.

‘An Introduction to Copyright and Trademark Laws’ – presentation to the staff of a games company, 21 November 2007.

Speaker/trainer for the workshop “WSQ Fundamentals of IP for the Media Industry” run by the IP Academy (Singapore) – 23 & 24 August 2011.

Speaker for the SparX Up Awards 2011 Conference “Innovate or Die” in Jakarta, Indonesia, on the topic “Recognizing Intellectual Assets and Exploitation” - 21 October 2011.

Speaker for the Singapore Business Federation seminar on the topic “Demystifying, Understanding and Exploiting Intellectual Property (IP) and IP Rights (IPRs)” – 28 October 2011.

Speaker for the Privacy and Data Protection Singapore 2011 conference organized by CrimsonLogic on the topic “Effectively Implementing Data Protection Policies Within Your Corporation in Preparation for the Upcoming Data Protection Act in 2012” – 11 November 2011.

Speaker for the Data Protection Law seminar hosted by NEC Asia Pacific on the topic “Implementing data protection policies within your corporation for the upcoming Data Protection Act in 2012” – 25 May 2012.

Speaker for three Rajah & Tann Lunch Time Seminars on the topic “Implementing Data Protection Policies Within Your Corporation for the Upcoming Data Protection Act in 2012” – 11 July 2012, 20 July 2012, 25 July 2012.

Speaker for the General Insurance Association Data Protection Law seminar on the topic “Implementing data protection policies within your corporation for the upcoming Data Protection Act in 2012” – 23 August 2012.

Speaker for Data Protection Law seminar at the American Chamber of Commerce (Singapore) on the topic "Implementing Data Protection Policies Within Your Corporation to Comply with proposed Singapore Data Protection Laws"– 14 September 2012.

Speaker/trainer for the full 1 day data protection seminar/workshop organized by LegalNet Asia on the Singapore Personal Data Protection Act – 18 January 2013.

Speaker for Data Protection Law breakfast seminar at the American Chamber of Commerce (Singapore) on the topic "Implementing Data Protection Policies Within Your Corporation to Comply with proposed Singapore Data Protection Laws"– 20 February 2013.

Speaker/trainer at the Singapore International Chamber of Commerce half day course on the topic “Demystifying the Personal Data Protection Act” – 3 May 2013.

Speaker at the 3rd European Data Protection Days Conference (2 days conference) held in Berlin, Germany, on the topic “Singapore data protection law as well as notable developments in the South East Asia region” - 13 May 2013.

Panel speaker at the ACCA Singapore Annual Conference on “Future Proofing Business and the Accountancy Sector” - 12 May 2014.

Interviewed on the ChannelNewsAsia current affairs television programme ‘Between the Lines’ on the topic “Right to be Forgotten” – 5 November 2014.

Speaker at the Singapore Press Club panel discussion on the topic “Right to be Forgotten” – 25 February 2015.

Speaker at the ABS-FITA Technology Risk and Security Masterclass held on 17 and 18 March 2015 on the topic “Technology Risk – A Legal Perspective”.

Speaker at the joint Blue Coat Systems – Rajah & Tann Singapore seminar on the topic “Protecting and Securing Data: The Menace of Data Breach, IT System Compromise and Cyberattack – Are you prepared?” – 9 April 2015.

Speaker at the 5th European Data Protection Days Conference held in Berlin on 4 and 5 May 2015 on the topic “(i) From script to screen – the rollout and implementation of data protection law in Singapore (ii) Casting an eye on data protection law in Southeast Asia”.

Panel Speaker at IOT (Internet of Things) Privacy Summit organized by Truste, held at Silicon Valley California, on the topic of “Rolling Out Your Global Iot Product – Practical Considerations To Keep In Mind” – 17 June 2015.

Speaker at the Cloud Security Alliance seminar on the topic “Protecting and Securing Data: The Menace of Data Breach, IT System Compromise and Cyberattack – Are you prepared?” – 20 July 2015.

Speaker at the ISACA seminar on the topic “Protecting and Securing Data: The Menace of Data Breach, IT System Compromise and Cyberattack – Are you prepared?” – 21 July 2015.

Organiser and key speaker at 3 speaking sessions for the 3 days inaugural international data privacy conference “Data Privacy Asia” held at Grand Hyatt Singapore between 25 to 27 August 2015 on the topics :

Workshop trainer at the 2016 In-House Congress Singapore on the topic “Data Security Challenges And Implications For An Organisation In The Wake Of Its Burgeoning Reliance On Technology And Push Towards The Monetisation Of Data” – 6 September 2016.

Speaker at the 3 days Data Privacy Asia 2016 conference in Singapore at the panel session on “Breach Response Playbook - Effectively Preparing for Data Breaches” – 9 November 2016.

Speaker at the 3 days Data Privacy Asia 2016 conference in Singapore on the topic “Grappling with the Internet of Things, Disruptive Technology and Cloud of Things in the context of a Smart Nation initiative and an individual’s clarion call for greater transparency” – 10 November 2016.

Speaker at the 3 days Data Privacy Asia 2016 conference in Singapore at the panel session on “Impact of GDPR on Asian Businesses” – 10 November 2016.

Speaker at the ISMG Fraud & Breach Prevention Summit: Singapore on the topic “Breach Disclosure Requirements: Legal Implications and Navigating a New Legal World of Complexity” – 22 November 2016.

Speaker at the 2 days IOTAsia 2017 conference on the topic of “Perspectives on Data as an Asset - Uses and Governance Issues” – 30 March 2017.

Live studio TV interview on ChannelNewsAsia on the topic of “Is it possible to "police" social media – especially something that's LIVE?” - 2 May 2017.

Speaker at the 2 days US-ASEAN Conference On Legal Issues Of Regional Importance 2017 organised by S. Rajaratnam School of International Studies and The Asia Foundation at the panel session on “Cyber-Security and Data Protection” – 9 May 2017.

Speaker at the 3 days 7th European Data Protection Days Conference held in Berlin, Germany, on the topic “Grappling with the internet of things, disruptive technology and cloud of things in the context of a smart nation initiative” – 15 May 2017.

Speaker at the 3 days CommunicAsia 2017 Summit in Singapore on the topic “Grappling with the Internet of Things, Disruptive Technology, Cloud of Things and Data Privacy” – 23 to 25 May 2017.

Speaker at the TRUSTe Privacy Risk Summit 2017 in San Francisco on the topic “Balancing Privacy & Innovation in Singapore Smart City” – 6 June 2017.

Speaker at the TRUSTe Privacy Risk Summit 2017 in San Francisco on the topic “Understanding your PrivacyRisk Exposure in Asia” – 6 June 2017.

Speaker at the IMDA (Singapore’s Infocomm Media Development Authority) SG: Digital Industry Day conference on the subject of AI (artificial intelligence) and the legal industry – 21 May 2018.

Speaker at REDAS (Real Estate Developers’ Association of Singapore) Members seminar on the topic “Understanding the Challenges of Data Protection and Cybersecurity in the Context of the Real Estate Industry” – 22 June 2018.

Speaker at a panel discussion at ConnecTech Asia 2018 on the topic “Opportunities and Threats of Blockchain Technology” – 27 June 2018.

TV interview on Channel 5 News and on ChannelNewsAsia to discuss data protection concerns related to 1 million consumers’ personal data that had been collected by a significant bike sharing company (OBike) in Singapore after it abruptly ceased operations – aired on 28 June 2018 and 29 June 2018.

Speaker at Rajah & Tann Singapore’s Funds and Investment Management Practice Group’s conference on the theme ‘Recent Developments in the Singapore Regulatory Landscape’ on the topic “Grappling with the challenges of the digital economy in the context of data protection and cybersecurity” – 30 August 2018.

Speaker at the Singapore International Chamber of Commerce seminar on the theme “Introduction to Industry Transformation Maps for Professional Services”, where I spoke on the topic “AI Adoption in the Legal Sector” – 26 September 2018.

Live radio interview on 93.8 FM radio programme on the topic of whether domestic helpers have rights of privacy while working for their employers in the latter’s homes – broadcasted live in morning of 4 October 2018.

TV interview on Channel 5’s popular current affairs show called Talking Point on the topic of whether domestic helpers have rights of privacy while working for their employers in the latter’s homes. The show titled this episode as ‘Is my employer watching over me’ – aired on TV on 4 October 2018.

Speaker at the Law Society of Singapore pro bono office’s seminar on “PDPA and Cybersecurity Act” – 8 October 2018.

Invited by HSBC to speak at the inaugural HSBC ASEAN HeXchange as a panel speaker on the topic “Preparing Businesses for the Digital Age – A Deep Dive into Singapore’s Smart Nation Initiative and Regulatory Insights Impacting Today’s Digital Businesses” – 11 October 2018.

Invited by the Singapore Management University (SMU) to give a talk/presentation to law undergraduate students that are taking the inaugural data protection course, on the work undertaken by a data protection practitioner – 15 November 2018.